<?php
	session_start();
	require('config.php');
	
	function sanitize($data){
		$data=trim($data);
		$data=htmlspecialchars($data);
		return $data;
	}
	
	$signature= sanitize($_GET['signature']);
	
	if ($signature == $_SESSION['signature']) {
		//authenticated user request
		$_SESSION['logged_in'] = FALSE;
		session_destroy();   
		session_unset();     
		
		header("Location: http://".HOST_NAME.":".HTTP_PORT."/".APP_NAME);		
	} else {
		//unauthorized logout
		header(sprintf("Location: %s", $forbidden_url));	
		exit;  
	}
?>